From owner-freebsd-current Tue Dec 1 10:18:19 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA27192 for freebsd-current-outgoing; Tue, 1 Dec 1998 10:18:19 -0800 (PST) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from omahpop1.omah.uswest.net (omahpop1.omah.uswest.net [204.26.64.1]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id KAA27175 for ; Tue, 1 Dec 1998 10:18:14 -0800 (PST) (envelope-from opsys@open-systems.net) Received: (qmail 4366 invoked by alias); 1 Dec 1998 18:17:49 -0000 Delivered-To: fixup-freebsd-current@FreeBSD.ORG@fixme Received: (qmail 4344 invoked by uid 0); 1 Dec 1998 18:17:48 -0000 Received: from dialupc216.ne.uswest.net (HELO pinkfloyd.open-systems.net) (209.180.97.216) by omahpop1.omah.uswest.net with SMTP; 1 Dec 1998 18:17:48 -0000 Date: Tue, 1 Dec 1998 12:17:48 -0600 (CST) From: "Open Systems Inc." To: Karl Denninger cc: John Saunders , Matthew Dillon , freebsd-current@FreeBSD.ORG Subject: Re: D.O.S. attack protection enhancements commit (ICMP_BANDLIM) In-Reply-To: <19981201100633.A55743@Denninger.Net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 1 Dec 1998, Karl Denninger wrote: > That's not true. > > While under attack, a system will consume *outrageous* numbers of buffers. > There is no reason to "size" for such events; the fix is as Matt described, > in that there is no reason for the system to make available resources that > cannot be *productively* consumed. I knew someone was gonna say something. :-) I meant to specifically answer his comment about heavy load not a DoS. Although a DoS *will* generate a large load as you state I was merely trying to answer his specific question of large load not a DoS making FBSD fall over. Chris "If you aim the gun at your foot and pull the trigger, it's UNIX's job to ensure reliable delivery of the bullet to where you aimed the gun (in this case, Mr. Foot)." -- Terry Lambert, FreeBSD-Hackers mailing list. ===================================| Open Systems FreeBSD Consulting. FreeBSD 2.2.7 is available now! | Phone: 402-573-9124 -----------------------------------| 3335 N. 103 Plaza #14, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQENAzPemUsAAAEH/06iF0BU8pMtdLJrxp/lLk3vg9QJCHajsd25gYtR8X1Px1Te gWU0C4EwMh4seDIgK9bzFmjjlZOEgS9zEgia28xDgeluQjuuMyUFJ58MzRlC2ONC foYIZsFyIqdjEOCBdfhH5bmgB5/+L5bjDK6lNdqD8OAhtC4Xnc1UxAKq3oUgVD/Z d5UJXU2xm+f08WwGZIUcbGcaonRC/6Z/5o8YpLVBpcFeLtKW5WwGhEMxl9WDZ3Kb NZH6bx15WiB2Q/gZQib3ZXhe1xEgRP+p6BnvF364I/To9kMduHpJKU97PH3dU7Mv CXk2NG3rtOgLTEwLyvtBPqLnbx35E0JnZc0k5YkABRO0JU9wZW4gU3lzdGVtcyA8 b3BzeXNAb3Blbi1zeXN0ZW1zLm5ldD4= =BBjp -----END PGP PUBLIC KEY BLOCK----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message